Schedule 31. Chaos Communication Congress

lecture: Crypto Tales from the Trenches

Julia Angwin, Jack Gillum, and Laura Poitras will tell us stories about how they use crypto and privacy-enhancing technologies as high-profile journalists, and rant in an entertaining way about how these tools have failed or are horribly inadequate for their needs. They will also talk about their rare crypto successes.

Cryptography and privacy-enhancing technologies are increasingly part of a modern journalist's spycraft. But what does it look like when a reporter actually tries to protect herself and her sources with the best tools that the hacker/academic/activist/cipherpunk/technologist communities have produced? Disaster, chaos, crashes, and UI-sponsored opsec fails.

In this talk, Julia Angwin, Jack Gillum, and Laura Poitras will tell us highly entertaining and disturbing war stories of using crypto in the field as high-risk targets, and excoriate the crypto and developer communities for failing to meet their needs while claiming success and security for all. We will hear how the crypto-nerd's utopia of
deniable poker over the phone with an honest-but-curious adversary becomes a set of barely usable implementations and user expectation mismatches.

We hope to provide some clarity on what works and what doesn't for those who develop or aspire to develop secure applications, and also a rough guide to usable opsec right now for sources, journalists, and
other nontechnical users worried about sophisticated adversaries.